--- a/src/mercurialserver/refreshauth.py Thu May 28 10:43:30 2009 +0100
+++ b/src/mercurialserver/refreshauth.py Tue Oct 13 15:30:03 2009 +0100
@@ -5,12 +5,15 @@
# file every time it is run
# WARNING
-import sys
+import re
+import base64
import os
import os.path
import pwd
import subprocess
-from mercurialserver import ruleset, paths
+from mercurialserver import paths
+
+goodkey = re.compile("[/A-Za-z0-9._-]+$")
def refreshAuth(pw_dir):
akeyfile = pw_dir + "/.ssh/authorized_keys"
@@ -38,10 +41,9 @@
raise Exception("Inconsistent behaviour in os.walk, bailing")
#print "Processing file", ffn
keyname = ffn[len(kr):]
- if not ruleset.goodpath(keyname):
- # ignore any path that contains dodgy characters
- #print "Ignoring file", ffn
- continue
+ if not goodkey.match(keyname):
+ # Encode it for safe quoting
+ keyname = "--base64 " + base64.b64encode(keyname)
p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn),
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
newkey = p.communicate()[0]